Drawing on networking protocols designed to support the U.S. National Aeronautics and Space Administration's interplanetary missions, two information security researchers have created a networking system that's designed to transmit information securely and reliably in even the worst conditions. Dubbed Endrun, its creators hope the system could be deployed everywhere from Ebola hot zones in Liberia to war zones in Syria.

Grant Dobbe and Brendan O'Connor demonstrated their system at last week's Black Hat Europe conference in Amsterdam, and have released related code to the GitHub source code and change-tracking repository. In an interview with Information Security Media Group, the two researchers say their goal has been to design a system that can be used in cases when relying on insecure or always-on communications might have fatal repercussions. "We've set this up for groups that are extremely marginalized," says O'Connor, who's a senior security consultant at Leviathan Security Group.

Endrun is designed to do an "end run" around the Internet, in favor of moving information, such as medical records, contact lists and casualty lists, among very small groups of people, including anyone who might be in danger if that information gets intercepted - such as Syrian rebels - or who may be at risk if information leaks. "Being on a list of people who have been in contact with an Ebola patient can be fatal," he says.

By using Endrun, however, designated health officials inside a hot zone could use the system to send messages to individuals outside the hot zone, as well as to receive treatment instructions back. "You just strap a radio to a motorbike and have someone get within range" of another Endrun device connected to a radio, says Endrun co-creator Dobbe, a former Peace Corps volunteer in Ghana who's now a lead security engineer for NuCivic, which offers a SaaS-based open data platform for governments.

Endrun is also designed to run on credit-card-sized Raspberry Pi computers, both because of their low cost - a well-equipped model, with case, costs about $60 - and weight. "They're designed to be light enough to drop from quadrotors," O'Connor says, meaning they could be inexpensively "airlifted" into dangerous environments via drones.

Delay-Tolerant Networking

The approach builds on research into delay- and disruption-tolerant networks, which is based on continuing to send messages at predefined intervals until they get through. Uses for such networks include supporting interplanetary communications, where connectivity may be intermittent, at best.

Before moving any messages, however, Endrun encrypts all data, then practices "store and forward" message-moving techniques predicated on taking a "spray and wait" approach, Dobbe says. In other words, all of the nodes on the network send each message a predefined number of times, before pausing for a preset period and then sending it half as many times again, and repeating that process until the message-sending counter reaches zero.

That approach avoids using continuous connections, including mesh networks, in which every node in a network can move data for any other node. The military has been relying on mesh networks to support live communications with troops in the field.

After encrypting a message, the sending Endpoint node starts broadcasting the message at predefined intervals, as well as continuing to pass on any messages that it's received, but for which it isn't the intended recipient. During that time, the original message may reach other Endpoint nodes, which will then rebroadcast it, or may have reached the recipient, who can then read it. Crucially, however, only the recipient can read it, and if any of the nodes get compromised, the others can still function.
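The halving send counter and store-and-forward relaying described above can be modeled in a short simulation; this is an added example, not Endrun's code. It assumes one burst per round, that a relay restarts with the full counter, and that the payload is an already-encrypted opaque blob; the node names and contact schedules are constructed.

```python
from dataclasses import dataclass, field

def burst_schedule(initial):
    """Copies sent per burst: initial, then half as many, until the counter is zero."""
    sizes = []
    while initial > 0:
        sizes.append(initial)
        initial //= 2
    return sizes

@dataclass
class Node:
    name: str
    store: dict = field(default_factory=dict)    # msg_id -> [recipient, blob, counter]
    delivered: list = field(default_factory=list)

    def accept(self, msg_id, recipient, blob, initial):
        if msg_id in self.store:
            return                               # duplicate copy, already held
        mine = recipient == self.name
        # Assumption: a relay restarts with the full counter; the recipient never relays.
        self.store[msg_id] = [recipient, blob, 0 if mine else initial]
        if mine:
            self.delivered.append(msg_id)        # only this node would decrypt the blob

def simulate(names, contacts, src, dst, initial, rounds):
    """contacts: round -> set of frozenset({a, b}) pairs in radio range that round."""
    nodes = {n: Node(n) for n in names}
    nodes[src].accept("m1", dst, b"<opaque ciphertext>", initial)
    sent, delivered_round = 0, None
    for rnd in range(rounds):
        # Snapshot first, so a copy received this round is relayed from the next round on.
        queue = [(n, m) for n in nodes.values() for m, e in n.store.items() if e[2] > 0]
        for node, msg_id in queue:
            recipient, blob, counter = node.store[msg_id]
            sent += counter                      # one burst of `counter` transmissions
            for pair in contacts.get(rnd, set()):
                if node.name in pair:
                    (peer,) = pair - {node.name}
                    nodes[peer].accept(msg_id, recipient, blob, initial)
            node.store[msg_id][2] = counter // 2  # pause, then half as many next time
        if delivered_round is None and nodes[dst].delivered:
            delivered_round = rnd
    return delivered_round, sent

# Constructed scenario: a courier carries the message between two sites.
NAMES = ["clinic", "courier", "hq"]
MEET_EARLY = {0: {frozenset({"clinic", "courier"})}, 2: {frozenset({"courier", "hq"})}}
MEET_LATE = {0: {frozenset({"clinic", "courier"})}, 5: {frozenset({"courier", "hq"})}}

if __name__ == "__main__":
    print(burst_schedule(8))
    print(simulate(NAMES, MEET_EARLY, "clinic", "hq", 8, 8))
    print(simulate(NAMES, MEET_LATE, "clinic", "hq", 8, 8))
```

In the second scenario the courier's counter reaches zero one round before it comes within range of the recipient, so the message is never delivered; the starting counter and pause length bound how long a contact gap the network can bridge.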

Endrun is designed to be used with a small number of message-senders; eight is the optimum, based on operational security researcher "The Grugq's" work on the optimal size of small, clandestine cells, O'Connor says.

Transmission: Up to Users

How messages get transmitted is up to users. The researchers say Endrun will work with numerous types of approaches, including "low-power transient unlicensed radio links"; using high-power signals from fixed points, as occurs with spacecraft communications; via amateur, ham radio; or even from smart phones. "We allow very short radio transmissions for people who insist on radio transmissions. So you can go up a hill, broadcast really fast, then get off the hill before the missile comes in," O'Connor says. "The idea is that people who are in really bad situations know their needs better than we do."

Dobbe adds: "The first ones that come to mind are places like Syria where people are being shot and killed for using the Internet wrong. Another case is Ebola hot zones, where you need to be able to move information back and forth, but you also have to maintain confidentiality."

About the Author

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.
